Articles about Security

PayPal hackable in one click according to security researcher

remote access laptop hacker security

PayPal, currently owned by eBay, is one of the most popular methods for moving money online. Of course, as Microsoft knows from Windows, with popularity comes problems. People are going to poke and prod in an effort to find soft spots. Sometimes the intention is to help fix things, sometimes to exploit the problems.

Security researcher Yasser Ali is on the good side, but he still has released details of a vulnerability that shows how easy it can be to hack PayPal. However, before you get all worked up, the payment service fixed the problem before Ali announced it. It also paid him in gratitude for the information.

Continue reading

OpenDNS opens its platform to allow intelligence sharing

Domain name

As the IT landscape changes and employees are more likely to be accessing cloud services on a range of devices, it's important that they remain properly protected from threats.

Cloud-delivered security service OpenDNS has announced that it's opened up its platform to other security vendors to fight attacks through intelligence sharing.

Continue reading

Google to launch kid-friendly versions of its most popular products

Google to launch kid-friendly versions of its most popular products

Like any company, Google wants to appeal to as many people as possible. Google Docs has been tweaked to increase its appeal to enterprise and business users, and Gmail is constantly primped and poked. Appealing specifically to children is not an entirely new idea for the search giant -- Google Code-In is targeted at 13-17 year olds, for instance -- but now Google is setting its sights on a younger audience.

Talking to USA Today, Vice President of Engineering at Google, Pavni Diwanji explained that the company is looking to create new versions of its products that are "fun and safe for children". Starting next year, the company will launch new versions of existing services, this time aimed at those aged 12 and under.

Continue reading

Facebook joins forces with ESET to fight malware for free

Facebook joins forces with ESET to fight malware for free

As part of an on-going battle against malware and abuse of the social network, Facebook has joined up with security firm ESET. The partnership follows on from the news back in May that Facebook was working with both Trend Micro and F-Secure to try to combat the threat of malware. The addition of ESET makes a trio of security partners, and Facebook has incorporated the company's technology into its own security systems.

Facebook hopes that by combining the power of F-Secure, Trend Micro and ESET, it should be possible to block the appearance of more malicious links from newsfeeds. The thinking is that adding more security providers will helps to catch even more malware without the need to rely on users having antimalware software installed.

Continue reading

Google's 'No CAPTCHA reCAPTCHA' makes it easier to prove you're not a robot

Not a robot

The CAPTCHA is a truly annoying creation. It prevents robots and scripts from pulling content from websites, or spamming them, which is great for website owners and hosts, but irritating for site visitors because it forces them to "prove they are human" by solving a challenge. This usually involves reading and entering some distorted text into a box, although there are other variations.

I personally find them hugely irksome as sometimes they fail to recognize when you get the words right, and sometimes they let you through when you get the words wrong. More importantly, they waste your time. Thankfully, the days of the CAPTCHA are numbered, as Google has come up a human-friendly solution.

Continue reading

Dropbox for Business API set to woo corporate customers with secure cloud apps

Dropbox for Business API set to woo corporate customers with secure cloud apps

While Dropbox for Business is nothing new, there's no getting away from the fact that Dropbox is seen essentially as a consumer level tool. Part of the reason for this -- apart from the occasional security slip-up -- is the fact that it has not been possible to use Dropbox in conjunction with third party tools at an enterprise level. Now this changes thanks to the arrival of the Dropbox For Business API.

The API is yet to be officially announced -- although rumors have been circulating for a little while -- but internal documentation obtained by TechCrunch shows that the launch is imminent, possibly as early as tomorrow (Wednesday December 3rd). Once launched, developers will be able to use the API to produce their own secure Dropbox-based apps and services.

Continue reading

Twitter improves harassment reporting and blocking to boost safety

Twitter improves harassment reporting and blocking to boost safety

Over the years Twitter has come in for a lot of flak for the level of abuse that runs rife on the social network. Now the site is taking action by making improvements to the existing blocking features as well as refining the harassment-reporting facility. With the likes of #gamergate and various other high profile cases, Twitter users have found themselves on the receiving end of vitriol, hatred and abuse.

Today's updates aim to clamp down on these activities, making it easier for users to report problematic tweets and easier for Twitter to respond quickly to problems. There is a particular focus on making life easier to users of mobile versions of Twitter, and the blocking feature is now more prominent in apps.

Continue reading

Global Airport Action initiative targets credit card fraudsters

Chip and pin card reader

Global law enforcement agencies and the airline, travel and credit card industries have joined forces in a major concerted action to combat online fraud.

The operation, organized via three coordination centers at Europol, in The Hague, Interpol in Singapore and Ameripol in Bogota, and involving over 60 airlines and 45 countries at more than 80 airports across the world, saw 281 suspicious transactions reported and 118 individuals arrested.

Continue reading

Sony hack leads to unreleased movies leaking online

Sony-logo-header.jpeg

A number of unreleased movies, as well as some confidential data, has been leaked online following a massive hack at Sony Pictures that happened last week.

In the Reddit thread covering the issue it says that, movies aside, confidential data including visa and passport information of cast and crew members working on different Sony projects, email inboxes and other important documents were leaked.

Continue reading

Microsoft Research thinks Haven might be the answer to cloud storage security problems

Microsoft Research thinks Haven might be the answer to cloud storage security problems

Storing your data in the cloud requires you to place trust in a company and its service. Whether you're talking about Dropbox, Google Drive or an enterprise level solution, security is of paramount importance. There have been numerous high profile cases in recent months in which data breaches have occurred and private data has been accessed by unauthorized people -- including the NSA et al. It's little wonder that many people are wary of moving entirely to the cloud.

But Microsoft Research may have a solution. A small team of researchers came up with the idea of Haven, a cloud system that introduces the idea of shielded execution. This is a platform designed not just for storing data, but also to securely run cloud-based applications, including those based on legacy code.

Continue reading

Does your company need an Intrusion Detection System?

Intrusion

Unauthorized access to networks is currently one of the most serious threats to the hosting business. Intruders and viruses present the two biggest security threats to the industry. Let us examine three key definitions: intruders (or hackers), intrusion, which is a formal term for describing the act of compromising a network or system, and Intrusion Detection Systems, which help business detect when they are vulnerable to an attack.

Intruders can be external or internal and their intents may vary from benign to serious. Statistically 80 percent of security breaches are committed by internal users and these are by far the most difficult to detect and prevent. These intruders create a significant issue for network systems and IT equipment. Intruders come in a variety of classes with a varying level of competence -- an external user without authorized access to the system will want to penetrate the system to exploit legitimate user accounts to access data, programs or resources with a purpose of misuse. Intruders may even use compromised systems to launch attacks.

Continue reading

Consumers warned to be on the alert for Cyber Monday scams

Cyber Monday

Cyber Monday is once again set to break records for online sales and web traffic, but there’s a darker side to the day too.

Social risk management company ZeroFOX has released the results of some research into the risks associated with the Cyber Monday spending spree.

Continue reading

Permission-free post-loading lets carriers push crap apps to Android handsets

Permission-free post-loading lets carriers push crap apps to Android handsets

It used to be that you'd buy a new PC or laptop and have to spend the first hour or so removing all of the crap that the manufacturer had installed. The same idea carried across to mobile phones, particularly in the case of Android handsets, but the key difference is that -- at least without rooting -- many carrier apps can be all but impossible to remove. Now, thanks to "post-loading" the problem is about to get worse.

As the term suggests, post-loading makes it possible for a carrier to push apps to handsets and install them secretly. This is all thanks to Digital Turbine's Ignite system, and the likes of Vodafone, Verizon, T-Mobile and more are listed as clients. Of course, it's all about money or, as Digital Turbine puts it, "maximizing the efficiency of pre and post loading applications on smartphones for more advertising revenue".

Continue reading

East-Tec Eraser 2015 debuts 'intelligent Risk Monitor'

eraser2014-200x175

East-Tec has released East-Tec Eraser 2015, the latest edition of its comprehensive PC privacy tool.

This version introduces the Risk Monitor, which warns you of potential privacy risks as soon as they happen, removing them with a click.

Continue reading

You better watch out -- online retailers' security practices under the spotlight

Santa naughty or nice

This time of year sees a spike in online shopping activity, but that also means added worries about how well our information is being looked after when we buy online.

Password management company LastPass has put together an infographic 'naughty and nice' list looking at how online retailers store information when we shop.

Continue reading

© 1998-2014 BetaNews, Inc. All Rights Reserved. Privacy Policy.